[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 11 08:28:42 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
78fecab7 by Salvatore Bonaccorso at 2023-04-11T09:27:54+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5261,7 +5261,7 @@ CVE-2023-28490
CVE-2023-28489
RESERVED
CVE-2023-1478 (The Hummingbird WordPress plugin before 3.4.2 does not validate the ge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1477
RESERVED
CVE-2023-1476
@@ -5382,9 +5382,9 @@ CVE-2023-1428
CVE-2023-1427
RESERVED
CVE-2023-1426 (The WP Tiles WordPress plugin through 1.1.2 does not ensure that posts ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1425 (The WordPress CRM, Email & Marketing Automation for WordPress | Aw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28488
RESERVED
CVE-2023-28487 (Sudo before 1.9.13 does not escape control characters in sudoreplay ou ...)
@@ -5802,7 +5802,7 @@ CVE-2023-1408
CVE-2023-1407 (A vulnerability classified as critical was found in SourceCodester Stu ...)
NOT-FOR-US: SourceCodester
CVE-2023-1406 (The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-48420
RESERVED
CVE-2022-48419
@@ -6212,7 +6212,7 @@ CVE-2023-27389
CVE-2023-23575
RESERVED
CVE-2023-1381 (The WP Meta SEO WordPress plugin before 4.5.5 does not validate image ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-48402
RESERVED
CVE-2022-48401
@@ -8847,11 +8847,11 @@ CVE-2023-1124 (The Shopping Cart & eCommerce Store WordPress plugin before 5
CVE-2023-1123
RESERVED
CVE-2023-1122 (The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1121 (The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1120 (The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1119
RESERVED
CVE-2023-1118 (A flaw use after free in the Linux kernel integrated infrared receiver ...)
@@ -11175,7 +11175,7 @@ CVE-2023-0985
CVE-2023-0984
RESERVED
CVE-2023-0983 (The stylish-cost-calculator-premium WordPress plugin before 7.9.0 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0982 (A vulnerability was found in SourceCodester Yoga Class Registration Sy ...)
NOT-FOR-US: SourceCodester Yoga Class Registration System
CVE-2023-0981 (A vulnerability was found in SourceCodester Yoga Class Registration Sy ...)
@@ -12548,7 +12548,7 @@ CVE-2023-0895 (The WP Coder – add custom html, css and js code plugin for
CVE-2023-0894
RESERVED
CVE-2023-0893 (The Time Sheets WordPress plugin before 1.29.3 does not sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0892
RESERVED
CVE-2023-0891
@@ -12628,7 +12628,7 @@ CVE-2023-0876 (The WP Meta SEO WordPress plugin before 4.5.3 does not authorize
CVE-2023-0875 (The WP Meta SEO WordPress plugin before 4.5.3 does not properly saniti ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0874 (The Klaviyo WordPress plugin before 3.0.10 does not sanitize and escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0873
RESERVED
CVE-2023-25932
@@ -15810,7 +15810,7 @@ CVE-2023-0607 (Cross-site Scripting (XSS) - Stored in GitHub repository projects
CVE-2023-0606 (Cross-site Scripting (XSS) - Reflected in GitHub repository ampache/am ...)
- ampache <removed>
CVE-2023-0605 (The Auto Rename Media On Upload WordPress plugin before 1.1.0 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0604
RESERVED
CVE-2023-0603
@@ -16609,7 +16609,7 @@ CVE-2023-0548 (The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitiz
CVE-2023-0547
RESERVED
CVE-2023-0546 (The Contact Form Plugin WordPress plugin before 4.3.25 does not proper ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0545
RESERVED
CVE-2023-0544
@@ -18333,9 +18333,9 @@ CVE-2023-0425
CVE-2023-0424
RESERVED
CVE-2023-0423 (The WordPress Amazon S3 Plugin WordPress plugin before 1.6 does not sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0422 (The Article Directory WordPress plugin through 1.3 does not properly s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0421
RESERVED
CVE-2023-0420
@@ -18995,7 +18995,7 @@ CVE-2023-0365 (The React Webcam WordPress plugin through 1.2.0 does not validate
CVE-2023-0364 (The real.Kit WordPress plugin before 5.1.1 does not validate and escap ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0363 (The Scheduled Announcements Widget WordPress plugin before 1.0 does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0362 (Themify Portfolio Post WordPress plugin before 1.2.2 does not validate ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0361 (A timing side-channel in the handling of RSA ClientKeyExchange message ...)
@@ -21714,9 +21714,9 @@ CVE-2023-0159 (The Extensive VC Addons for WPBakery page builder WordPress plugi
CVE-2023-0158 (NLnet Labs Krill supports direct access to the RRDP repository content ...)
NOT-FOR-US: NLnet Labs Krill
CVE-2023-0157 (The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0156 (The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-0155
RESERVED
CVE-2023-0154 (The GamiPress WordPress plugin before 1.0.9 does not validate and esca ...)
@@ -23609,7 +23609,7 @@ CVE-2022-4829 (The Show-Hide / Collapse-Expand WordPress plugin through 1.2.5 do
CVE-2022-4828 (The Bold Timeline Lite WordPress plugin before 1.1.5 does not validate ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4827 (The WP Tiles WordPress plugin through 1.1.2 does not validate and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4826 (The Simple Tooltips WordPress plugin before 2.1.4 does not validate an ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4825 (The WP-ShowHide WordPress plugin before 1.05 does not validate and esc ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78fecab7742878c29a525decf5073c4e1cfe4555
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78fecab7742878c29a525decf5073c4e1cfe4555
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230411/c2b4ce0e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list